Total
29523 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2003-0035 | 1 Robert Krawitz | 1 Escputil | 2025-04-03 | 7.2 HIGH | N/A |
| Buffer overflow in escputil, as included in the printer-drivers package in Mandrake Linux, allows local users to execute arbitrary code via a long printer-name command line argument. | |||||
| CVE-2001-1171 | 1 Checkpoint | 1 Firewall-1 | 2025-04-03 | 7.2 HIGH | N/A |
| Check Point Firewall-1 3.0b through 4.0 SP1 follows symlinks and creates a world-writable temporary .cpp file when compiling Policy rules, which could allow local users to gain privileges or modify the firewall policy. | |||||
| CVE-2001-1142 | 1 Argosoft | 1 Ftp Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| ArGoSoft FTP Server 1.2.2.2 uses weak encryption for user passwords, which allows an attacker with access to the password file to gain privileges. | |||||
| CVE-2003-0058 | 2 Mit, Sun | 4 Kerberos 5, Enterprise Authentication Mechanism, Solaris and 1 more | 2025-04-03 | 5.0 MEDIUM | N/A |
| MIT Kerberos V5 Key Distribution Center (KDC) before 1.2.5 allows remote authenticated attackers to cause a denial of service (crash) on KDCs within the same realm via a certain protocol request that causes a null dereference. | |||||
| CVE-2005-3453 | 1 Oracle | 1 Application Server | 2025-04-03 | 10.0 HIGH | N/A |
| Multiple unspecified vulnerabilities in Web Cache in Oracle Application Server 1.0 up to 10.1.2.0 has unknown impact and attack vectors, as identified by Oracle Vuln# (1) AS12 and (2) AS14. | |||||
| CVE-2004-2328 | 1 Clearswift | 1 Mailsweeper | 2025-04-03 | 5.0 MEDIUM | N/A |
| Clearswift MAILsweeper for SMTP before 4.3_13 allows remote attackers to cause a denial of service (infinite loop) via an e-mail with a crafted RAR archive attached. | |||||
| CVE-2006-4635 | 1 Squiz | 1 Mysource Classic | 2025-04-03 | 6.5 MEDIUM | N/A |
| Unspecified vulnerability in MySource Classic 2.14.6, and possibly earlier, allows remote authenticated users, with superuser privileges, to inject arbitrary PHP code via unspecified vectors related to the Equation attribute in Web_Extensions - Notitia (I/II). NOTE: due to lack of details, it is not clear whether this issue is file inclusion, static code injection, or another type of issue. | |||||
| CVE-2005-0566 | 1 Kmint21 Software | 1 Golden Ftp Server | 2025-04-03 | 7.5 HIGH | N/A |
| Buffer overflow in Golden FTP Server Pro (goldenftpd) 2.x allows remote attackers to execute arbitrary code via a long RNTO command. | |||||
| CVE-2005-0443 | 1 Devellion | 1 Cubecart | 2025-04-03 | 4.3 MEDIUM | N/A |
| index.php in CubeCart 2.0.4 allows remote attackers to (1) obtain the full path for the web server or (2) conduct cross-site scripting (XSS) attacks via an invalid language parameter, which echoes the parameter in a PHP error message. | |||||
| CVE-2005-2448 | 1 Ekg | 1 Ekg | 2025-04-03 | 5.0 MEDIUM | N/A |
| Multiple "endianness errors" in libgadu in ekg before 1.6rc2 allow remote attackers to cause a denial of service (invalid behavior in applications) on big-endian systems. | |||||
| CVE-2005-3765 | 1 Exponent | 1 Exponent | 2025-04-03 | 7.5 HIGH | N/A |
| Exponent CMS 0.96.3 and later versions performs a chmod on uploaded files to give them execute permissions, which allows remote attackers to execute arbitrary code. | |||||
| CVE-2005-0544 | 1 Phpmyadmin | 1 Phpmyadmin | 2025-04-03 | 5.0 MEDIUM | N/A |
| phpMyAdmin 2.6.1 allows remote attackers to obtain the full path of the server via direct requests to (1) sqlvalidator.lib.php, (2) sqlparser.lib.php, (3) select_theme.lib.php, (4) select_lang.lib.php, (5) relation_cleanup.lib.php, (6) header_meta_style.inc.php, (7) get_foreign.lib.php, (8) display_tbl_links.lib.php, (9) display_export.lib.php, (10) db_table_exists.lib.php, (11) charset_conversion.lib.php, (12) ufpdf.php, (13) mysqli.dbi.lib.php, (14) setup.php, or (15) cookie.auth.lib.php, which reveals the path in a PHP error message. | |||||
| CVE-2004-0165 | 1 Apple | 2 Mac Os X, Mac Os X Server | 2025-04-03 | 5.0 MEDIUM | N/A |
| Format string vulnerability in Point-to-Point Protocol (PPP) daemon (pppd) 2.4.0 for Mac OS X 10.3.2 and earlier allows remote attackers to read arbitrary pppd process data, including PAP or CHAP authentication credentials, to gain privileges. | |||||
| CVE-2001-0559 | 1 Paul Vixie | 1 Vixie Cron | 2025-04-03 | 7.2 HIGH | N/A |
| crontab in Vixie cron 3.0.1 and earlier does not properly drop privileges after the failed parsing of a modification operation, which could allow a local attacker to gain additional privileges when an editor is called to correct the error. | |||||
| CVE-2000-0263 | 1 Redhat | 1 Linux | 2025-04-03 | 2.1 LOW | N/A |
| The X font server xfs in Red Hat Linux 6.x allows an attacker to cause a denial of service via a malformed request. | |||||
| CVE-2005-1850 | 1 Ekg | 1 Ekg | 2025-04-03 | 10.0 HIGH | N/A |
| Certain contributed scripts for ekg Gadu Gadu client 1.5 and earlier create temporary files insecurely, with unknown impact and attack vectors, a different vulnerability than CVE-2005-1916. | |||||
| CVE-1999-1014 | 1 Sun | 2 Solaris, Sunos | 2025-04-03 | 4.6 MEDIUM | N/A |
| Buffer overflow in mail command in Solaris 2.7 and 2.7 allows local users to gain privileges via a long -m argument. | |||||
| CVE-2004-2054 | 1 Phpbb Group | 1 Phpbb | 2025-04-03 | 5.0 MEDIUM | N/A |
| CRLF injection vulnerability in PhpBB 2.0.4 and 2.0.9 allows remote attackers to perform HTTP Response Splitting attacks to modify expected HTML content from the server via (1) the mode parameter to privmsg.php or (2) the redirect parameter to login.php. | |||||
| CVE-2005-0441 | 1 Sybase | 1 Adaptive Server Enterprise | 2025-04-03 | 10.0 HIGH | N/A |
| Multiple stack-based buffer overflows in Sybase Adaptive Server Enterprise (ASE) 12.x before 12.5.3 ESD#1 allow remote authenticated users to execute arbitrary code via the (1) attrib_valid function, (2) covert function, (3) declare statement, or (4) a crafted query plan, or remote authenticated users with database owner or "sa" role privileges to execute arbitrary code via (5) a crafted install java statement. | |||||
| CVE-2006-3391 | 1 Imbc | 1 Imbccontents Activex Control | 2025-04-03 | 5.1 MEDIUM | N/A |
| The Execute function in iMBCContents ActiveX Control before 2.0.0.59 allows remote attackers to execute arbitrary files via the file URI handler. | |||||